p7zip: Fix for CVE-2016-9296

Add patch to fix CVE-2016-9296 Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2026-01-01 13:58:06 +00:00 · 2022-01-13 19:24:32 +05:30 · 2022-01-13 19:24:32 +05:30 · 4f701b4655
commit 4f701b4655
parent 17e931e776
2 changed files with 28 additions and 0 deletions
--- a/meta-oe/recipes-extended/p7zip/files/CVE-2016-9296.patch
+++ b/meta-oe/recipes-extended/p7zip/files/CVE-2016-9296.patch
@ -0,0 +1,27 @@
+p7zip: Update CVE-2016-9296 patch URL.
+From: Robert Luberda <robert@debian.org>
+Date: Sat, 19 Nov 2016 08:48:08 +0100
+Subject: Fix nullptr dereference (CVE-2016-9296)
+
+Patch taken from https://sourceforge.net/p/p7zip/bugs/185/
+This patch file taken from Debian's patch set for p7zip
+
+Upstream-Status: Backport [https://sourceforge.net/p/p7zip/bugs/185/]
+CVE: CVE-2016-9296
+
+Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com>
+
+Index: p7zip_16.02/CPP/7zip/Archive/7z/7zIn.cpp
+===================================================================
+--- p7zip_16.02.orig/CPP/7zip/Archive/7z/7zIn.cpp
+++ p7zip_16.02/CPP/7zip/Archive/7z/7zIn.cpp
+@@ -1097,7 +1097,8 @@ HRESULT CInArchive::ReadAndDecodePackedS
+       if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i])
+         ThrowIncorrect();
+   }
+-  HeadersSize += folders.PackPositions[folders.NumPackStreams];
+  if (folders.PackPositions)
+      HeadersSize += folders.PackPositions[folders.NumPackStreams];
+   return S_OK;
+ }
+ 
--- a/meta-oe/recipes-extended/p7zip/p7zip_16.02.bb
+++ b/meta-oe/recipes-extended/p7zip/p7zip_16.02.bb
@ -11,6 +11,7 @@ SRC_URI = "http://downloads.sourceforge.net/p7zip/p7zip/${PV}/p7zip_${PV}_src_al
           file://0001-Fix-narrowing-errors-Wc-11-narrowing.patch \
           file://change_numMethods_from_bool_to_unsigned.patch \
           file://CVE-2018-5996.patch \
+           file://CVE-2016-9296.patch \
           "

 SRC_URI[md5sum] = "a0128d661cfe7cc8c121e73519c54fbf"